Test Procedure for (s) Integrity
|
|
- Dennis Wiggins
- 5 years ago
- Views:
Transcription
1 Test Procedure for (s) Integrity This document describes the draft test procedure for evaluating conformance of complete EHRs or EHR modules 1 to the certification criteria defined in 45 CFR Part 170 Subpart C of the Final Rule for Health Information Technology: Initial Set of standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology as published in the Federal Register on July 28, The document 2 is organized by test procedure and derived test requirements with traceability to the normative certification criteria as described in the Overview document located at The test procedures may be updated to reflect on-going feedback received during the certification activities. The HHS/Office of the National Coordinator for Health Information Technology (ONC) has defined the standards, implementation guides and certification criteria used in this test procedure. Applicability and interpretation of the standards, implementation guides and certification criteria to EHR technology is determined by ONC. Test procedures to evaluate conformance of EHR technology to ONC s requirements are defined by NIST. Testing of EHR technology is carried out by ONC-Authorized Testing and Certification Bodies (ATCBs), not NIST, as set forth in the final rule establishing the Temporary Certification Program (Establishment of the Temporary Certification Program for Health Information Technology, 45 CFR Part 170; June 24, 2010.) Questions about the applicability of the standards, implementation guides or criteria should be directed to ONC at ONC.Certification@hhs.gov. Questions about the test procedures should be directed to NIST at hit-tst-fdbk@nist.gov. Note that NIST will automatically forward to ONC any questions regarding the applicability of the standards, implementation guides or criteria. Questions about functions and activities of the ATCBs should be directed to ONC at ONC.Certification@hhs.gov. CERTIFICATION CRITERIA This Certification Criterion is from the Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology Final Rule issued by the Department of Health and Human Services (HHS) on July 28, (s) Integrity (1) Create a message digest in accordance with the standard specified in (c). (2) Verify in accordance with the standard specified in (c) upon receipt of electronically exchanged health information that such information has not been altered. (3) Detection. Detect the alteration of audit logs. 1 Department of Health and Human Services, 45 CFR Part 170 Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology, Final Rule, July 28, Disclaimer: Certain commercial products are identified in this document. Such identification does not imply recommendation or endorsement by the National Institute of Standards and Technology. 1
2 Per Section III.D of the preamble of the Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology, Final Rule where the integrity certification criterion is discussed: We clarify that we expect Certified EHR Technology to be capable of creating a message digest and when in receipt of a message digest, to use the message digest to verify that the contents of the message have not been altered. [ ] we clarify that Certified EHR Technology must include the capability to check the integrity of health information that has been received through electronic exchange. However, similar to our approach to many adopted certification criteria, we do not specify the instance in which the capability needs to be executed. INFORMATIVE TEST DESCRIPTION This section provides an informative description of how the test procedure is organized and conducted. It is not intended to provide normative statements of the certification requirements. This test evaluates the capability for a Complete EHR or EHR Module to generate a message digest using the standard specified and to verify, upon receipt of electronic health information that the information has not been altered using a secure hashing algorithm (SHA-1 or higher). This does not test the ability to transmit data outside of the EHR. The Vendor supplies test data for this test. This test procedure consists of two sections: Generate hash values evaluates the capability to generate a hash value o The Tester generates two hash values for comparison using Vendor-supplied test data o The Tester modifies the Vendor-supplied test data set and generates a hash value for the modified data set Compare hash values evaluates the capability to compare hash values to ensure the electronic health information has not been altered in transit o The Tester compares the generated hash values o The Tester determines if the hash values are the same or different depending on the data sets 2
3 REFERENCED STANDARDS (c) Verification that electronic health information has not been altered in transit. Standard. A hashing algorithm with a security strength equal to or greater than SHA-1 (Secure Hash Algorithm (SHA-1) as specified by the National Institute of Standards and Technology (NIST) in FIPS PUB (October, 2008) must be used to verify that electronic health information has not been altered Regulatory Referenced Standard NORMATIVE TEST PROCEDURES Derived Test Requirements DTR s 1: Generate hash values DTR s 2: Compare hash values DTR s.1 1: Generate hash values Required Vendor Information VE s 1.01: The Vendor shall provide EHR documentation identifying the secure hash algorithm (e.g., security strength equal to or greater than SHA-1) used to provide the hash value VE s 1.02: The Vendor shall identify the EHR function(s) that are available to generate and read hash values VE s 1.03: The Vendor shall identify test data available for this test Required Test Procedure: TE s 1.01: The Tester shall examine Vendor-provided EHR documentation to determine if the vendor-identified secure hashing algorithm used to provide the hash value is equal to or greater in strength than SHA-1 TE s 1.02: Using the Vendor-identified EHR function(s), the Tester shall generate two hash values for the Vendor-supplied test data Using the Vendor-supplied test data set, the Tester shall modify the test data TE s 1.03: Using the Vendor identified EHR function (s), the Tester shall generate a hash value for the modified test data set TE s 1.04: The Tester shall output and store the hash value for comparison Inspection Test Guide IN s 1.01: IN s 1.02: Tester shall verify that the Vendor-identified secure hashing algorithm used to provide the hash value is SHA-1 or higher Tester shall verify that two hash values have been generated from the Vendorsupplied test data and that one hash value has been generated from the modified Vendor-supplied test data 3
4 DTR s 2: Compare hash values Required Vendor Information As defined in DTR s.1 1, no additional information is required Required Test Procedure: TE s 2.01: The Tester shall compare the hash values generated in the Generate hash values test using the Vendor-supplied test data TE s 2.02: The Tester shall compare one hash value generated in the Generate hash value test using the Vendor-supplied test data and the hash value generated using the modified Vendor-supplied test data Inspection Test Guide IN s 2.01: IN s 2.02: Tester shall verify that the hash values are the same for the Vendor-supplied test data Test shall verify that the hash values are different for the modified Vendorsupplied test data TEST DATA This Test Procedure requires the vendor to supply the test data. The Tester shall address the following: Vendor-supplied test data shall ensure that the functional and interoperable requirements identified in the criterion can be adequately evaluated for conformance Vendor-supplied test data shall strictly focus on meeting the basic capabilities required of an EHR relative to the certification criterion rather than exercising the full breadth/depth of capability that an installed EHR might be expected to support Tester shall record as part of the test documentation the specific Vendor-supplied test data that was utilized for testing CONFORMANCE TEST TOOLS None 4
5 Document History Version Number Description of Change Date Published 0.3 Original draft version April 9, Updated to reflect Final Rule July 21, Updates include: removed Pending from header updated typographical error August 13,
Test Procedure for (a) Computerized Provider Order Entry
Test Procedure for 170.304 (a) Computerized Provider Order Entry This document describes the draft test procedure for evaluating conformance of complete EHRs or EHR modules 1 to the certification criteria
More informationTest Procedure for (c) Record Demographics
Test Procedure for 170.304 (c) Record Demographics This document describes the test procedure for evaluating conformance of complete EHRs or EHR modules 1 to the certification criteria defined in 45 CFR
More informationTest Procedure for (k) Submission to Immunization Registries
Test Procedure for 170.302 (k) Submission to Immunization Registries This document describes the draft test procedure for evaluating conformance of complete EHRs or EHR modules 1 to the certification criteria
More informationRobert Snelick, NIST Sheryl Taylor, BAH. October 11th, 2012
Test Tool Orientation for International Society for Disease Surveillance (ISDS): 2014 Edition 170.314(f)(3) Transmission to Public Health Agencies - Syndromic Surveillance Robert Snelick, NIST Sheryl Taylor,
More informationNIST Normative Test Process Document: e-prescribing (erx) Test Tool
NIST Normative Test Process Document: e-prescribing (erx) Test Tool Test Tool and Test Descriptions to Conduct ONC 2015 Edition Certification Version 1.7 Date: December 3, 2015 Developed by the National
More informationPRODUCT UNDER TEST TEST EVENT RESULT. Quality Manual ISO Test Lab Test Report
PRODUCT UNDER TEST Organization Name: SRS-Health Address of Vendor: 155 Chestnut Ridge Road Montvale NJ 07645 Test Product Name: SRS EHR Test Product Version-with-Release: v10 TEST EVENT RESULT Criteria
More informationPRODUCT UNDER TEST TEST EVENT RESULT. Quality Manual ISO Test Lab Test Report
PRODUCT UNDER TEST Organization Name: Varian Medical Systems Address of Vendor: 3100 Hansen Way Palo Alto CA 94304 Test Product Name: 360 Oncology Patient Portal Test Product Version-with-Release: 1.0
More informationSLI Compliance ONC-ATL Testing Program Guide
SLI Compliance A Division of Gaming Laboratories International, LLC 4720 Independence St. Wheat Ridge, CO 80033 303-422-1566 www.slicompliance.com SLI Compliance ONC-ATL Testing Program Guide Document
More informationCategory: Informational September 2004
Network Working Group R. Housley Request for Comments: 3874 Vigil Security Category: Informational September 2004 Status of this Memo A 224-bit One-way Hash Function: SHA-224 This memo provides information
More informationInformation Technology (CCHIT): Report on Activities and Progress
Certification Commission for Healthcare Information Technology Certification Commission for Healthcare Information Technology (CCHIT): Report on Activities and Progress Mark Leavitt, MD, PhD Chair, CCHIT
More informationSetup of Direct Messaging Address and Referring Provider
Meaningful Use Related Modified Stage 2 Objective: Health Information Exchange (Summary of Care): The EP who transitions their patient to another setting of care or provider of care or refers their patient
More informationPECB Certified ISO Lead Auditor. Master the Audit of Occupational Health and Safety Management System (OHSMS) based on ISO 45001
Certified Lead Auditor Master the Audit of Occupational Health and Safety Management System (OHSMS) based on Why should you attend? is the first global Occupational Health and Safety Management System
More informationMeaningful Use Webcast
MU Security Objectives Direct Messaging Questions MU Security Objective Security s Importance to Meaningful Use The Security Objective Satisfying the Objective Security Mechanisms in the EHR Software MU
More informationCertification Report
Certification Report EMC VNX OE for Block v05.33 and File v8.1 with Unisphere v1.3 running on VNX Series Hardware Models VNX5200, VNX5400, VNX5600, VNX5800, VNX7600, and VNX8000 Issued by: Communications
More informationCyber Security Reliability Standards CIP V5 Transition Guidance:
Cyber Security Reliability Standards CIP V5 Transition Guidance: ERO Compliance and Enforcement Activities during the Transition to the CIP Version 5 Reliability Standards To: Regional Entities and Responsible
More informationSecure Messaging Meaningful Use Stage 3 Eligible Professionals
2015 Certification Criterion: Secure Messaging Objective: Objective 6: Coordination of Care through Patient Engagement Measure 2: For more than 25% of all unique patients seen by the EP during the EHR
More informationNIST Security Certification and Accreditation Project
NIST Security Certification and Accreditation Project An Integrated Strategy Supporting FISMA Dr. Ron Ross Computer Security Division Information Technology Laboratory 1 Today s Climate Highly interactive
More informationAssurance Continuity Maintenance Report
Assurance Continuity Maintenance Report Buheita Fujiwara, Chairman Information-Technology Promotion Agency, Japan Changed TOE Application date/id Certification No. Sponsor Name of TOE / Version of TOE
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationInternet Engineering Task Force (IETF) Category: Standards Track ISSN: March 2010
Internet Engineering Task Force (IETF) S. Santesson Request for Comments: 5816 3xA Security Updates: 3161 N. Pope Category: Standards Track Thales ISSN: 2070-1721 March 2010 Abstract ESSCertIDv2 Update
More informationMargret Amatayakul, MBA, RHIA, CHPS, CPHIT, CPEHR, FHIMSS. Margret\A Consulting, LLC
Technical Security Challenges in Earning Meaningful Use Incentives for EHR Margret Amatayakul, MBA, RHIA, CHPS, CPHIT, CPEHR, FHIMSS Margret\A Consulting, LLC Agenda What is required for M.U. Measures
More informationCompliance Matrix for 21 CFR Part 11: Electronic Records
Compliance Matrix for 21 CFR Part 11: Electronic Records Philip E. Plantz, PhD, Applications Manager David Kremer, Senior Software Engineer Application Note SL-AN-27 Revision B Provided By: Microtrac,
More informationWescom Solutions, Inc. Practitioner Engagement Android Version CFR EPCS Certification Report
Wescom Solutions, Inc. Practitioner Engagement Android Version 1.0 21 CFR EPCS Certification Report April 27, 2017 Prepared by Drummond Group drummondgroup.com Page 1 of 5 Certification Summary Overview
More informationKey Management Interoperability Protocol Crypto Profile Version 1.0
Key Management Interoperability Protocol Crypto Profile Version 1.0 Working Draft 0708 25 7 NovemberOctober 2012 Technical Committee: OASIS Key Management Interoperability Protocol (KMIP) TC Chairs: Robert
More informationPatient Portal Patient Access
Meaningful Use Modified Stage 2 Related Objective: Patient Electronic Access (VDT): Provide patients the ability to view online, download and transmit their health information within 4 business days of
More informationFile No. SR-NASD-00-70
November 29, 2000 Ms. Katherine A. England Assistant Director Division of Market Regulation Securities and Exchange Commission 450 Fifth Street, N.W. Washington, D.C. 20549-1001 Re: File No. SR-NASD-00-70
More informationMaster the Audit of Information Security Management Systems (ISMS) based on ISO/IEC 27001
Master the Audit of Systems (ISMS) based on ISO/IEC 27001 Why should you attend? Auditor training enables you to develop the necessary expertise to perform an System (ISMS) audit by applying widely recognized
More informationInter American Accreditation Cooperation. IAAC, IAF and ILAC Resolutions Applicable to IAAC MLA Peer Evaluations
IAAC, IAF and ILAC Resolutions Applicable to IAAC MLA Peer Evaluations CLASSIFICATION This document is classified as an IAAC Mandatory Document. AUTHORIZATION Issue Nº: 07 Prepared by: MLA Committee and
More informationONC HIT Certification Program
ONC HIT Certification Program Test Results Summary for 2014 Edition EHR Certification Part 1: Product and Developer Information 1.1 Certified Product Information Product Name: IGNITE Product Version: 1.0.0
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationISO/IEC :2015 IMPACT ON THE CERTIFIED CLIENT
ISO/IEC 17021-1:2015 IMPACT ON THE CERTIFIED CLIENT P R E S E N T E D B Y S H A N N O N C R A D D O C K, P R O G R A M S & A C C R E D I T A T I O N S M A N A G E R TODAY S APPROACH What is ISO/IEC 17021-1:2015?
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationSection I. GENERAL PROVISIONS
LAW OF THE RUSSIAN FEDERATION NO. 5151-1 OF JUNE 10, 1993 ON CERTIFICATION OF PRODUCTS AND SERVICES (with the Additions and Amendments of December 27, 1995, March 2, July 31, 1998) Federal Law No. 154-FZ
More informationProcess for the Evaluation and Acceptance of Building Products in the USA
Process for the Evaluation and Acceptance of Building Products in the USA Rick Okawa, P.E. Deputy Vice President of Global Services and Business Development An Integrated Building System Product Certification
More informationCertification Report
Certification Report HP 3PAR StoreServ Storage Systems Version 3.2.1 MU3 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT McAfee Policy Auditor 6.4 with epolicy Orchestrator 5.10 5 November 2018 383-4-455 V1.0 Government of Canada. This document is the property of the Government of Canada.
More informationThis draft standard is being posted for an initial comment and ballot. The draft includes modifications to meet the directives of FERC Order No. 791.
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationCertification Report
Certification Report EMC NetWorker v8.0.1.4 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada,
More informationStandard COM-002-2a Communications and Coordination
A. Introduction 1. Title: Communication and Coordination 2. Number: COM-002-2a 3. Purpose: To ensure Balancing Authorities, Transmission Operators, and Generator Operators have adequate communications
More informationStandard CIP 005 4a Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-4a 3. Purpose: Standard CIP-005-4a requires the identification and protection of the Electronic Security Perimeter(s)
More informationNATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY Standardization of Entity Authentication Assurance 5th ETSI Security Workshop 20-2222 January 2010 ETSI, Sophia Antipolis, France Erika McCallister, Esq.,
More informationOSIG Change History Article
OSIG Change History Article Change history The OSIG has moved The OSIG is now available as a web application. See http://lenovopress.com/osig 21 September 2016 Windows Server 2016 is Certified on x3850
More informationCertification Report
Certification Report EAL 4+ Evaluation of WatchGuard and Fireware XTM Operating System v11.5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationCertification Report
Certification Report Lancope Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationImplementation Experience with ASTM D7036
Implementation Experience with ASTM D7036 National Environmental Monitoring Conference San Antonio, TX 6 August 2013 David L. Elam, Jr. Summa Consultants, Inc./Stack Testing Accreditation Council, Inc.
More informationChromQuest 5.0. Tools to Aid in 21 CFR Part 11 Compliance. Introduction. General Overview. General Considerations
ChromQuest 5.0 Tools to Aid in 21 CFR Part 11 Compliance Introduction Thermo Scientific, Inc. is pleased to offer the ChromQuest chromatography data system (CDS) as a solution for chromatography labs seeking
More informationCertification Report
Certification Report EAL 2+ Evaluation of Tactical Network-layer Gateway (2E2 IA): a GD Canada MESHnet G2 Gateway product Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationONC HIT Certification Program Test Results Summary for 2014 Edition EHR Certification
ONC HIT Certification Program Test Results Summary for 2014 Edition EHR Certification Part 1: Product and Developer Information 1.1 Certified Product Information Product Name: Soteria Product Version:
More informationStandard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard is adopted by the NERC Board of Trustees (Board).
More informationFDA Finalizes Regulation Amending Food Facility Registration Regulations
Hogan Lovells US LLP Columbia Square 555 Thirteenth Street, NW Washington, DC 20004 T +1 202 637 5600 F +1 202 637 5910 www.hoganlovells.com MEMORANDUM From: Joseph A. Levitt Maile Gradison Hermida Elizabeth
More informationSAI GLOBAL PRODUCT SERVICES
SMG03 Guidelines for Product Services Testing SAI GLOBAL PRODUCT SERVICES Guidelines for Product Services Testing A step by step guide for applicants and laboratories conducting type testing for certification
More informationPrior Authorization and Clinician Burden: Updates from ONC
Prior Authorization and Clinician Burden: Updates from ONC Thomas A. Mason, MD, FACP Chief Medical Officer Office of the National Coordinator for Health Information Technology (ONC) U.S. Department of
More informationREGULATION ASPECTS 21 CFR PART11. 57, av. Général de Croutte TOULOUSE (FRANCE) (0) Fax +33 (0)
REGULATION ASPECTS 21 CFR PART11 57, av. Général de Croutte - 31100 TOULOUSE (FRANCE) - +33 (0)5 34 47 40 00 - Fax +33 (0)5 34 47 43 01 Trademarks All names identified by are registered trademarks of the
More informationAssurance Continuity Maintenance Report
Assurance Continuity Maintenance Report Buheita Fujiwara, Chairman Information-Technology Promotion Agency, Japan Changed TOE Application date/id Certification No. Sponsor Name of TOE / Version of TOE
More informationREPORT 2015/149 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/149 Audit of the information and communications technology operations in the Investment Management Division of the United Nations Joint Staff Pension Fund Overall results
More informationMODEL CERTIFICATE FOR FISH AND FISHERY PRODUCTS CAC/GL
CAC/GL 48-2004 Page 1 of 6 INTRODUCTION MODEL CERTIFICATE FOR FISH AND FISHERY PRODUCTS CAC/GL 48-2004 Certification is one method that can be utilized by regulatory agencies of importing and exporting
More informationRules for LNE Certification of Management Systems
Rules for LNE Certification of Management Systems Application date: March 10 th, 2017 Rev. 040716 RULES FOR LNE CERTIFICATION OF MANAGEMENT SYSTEMS CONTENTS 1. PURPOSE... 3 2. SCOPE... 3 3. DEFINITION
More informationNetwork Working Group. Category: Standards Track NIST November 1998
Network Working Group Request for Comments: 2404 Category: Standards Track C. Madson Cisco Systems Inc. R. Glenn NIST November 1998 Status of this Memo The Use of HMAC-SHA-1-96 within ESP and AH This document
More informationCertification Report
Certification Report EAL 2+ Evaluation of Fortinet FortiMail V3.0 MR5 Secure Messaging Platform Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationHighlights of the 508 Compliance Revision. Dr. Linda S. Gilbert October 26, 2017
Highlights of the 508 Compliance Revision Dr. Linda S. Gilbert October 26, 2017 Overview Background on 508 and standards Highlights of key changes Resources for learning more Links posted on WAG site Web
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Lexmark CX920, CX921, CX922, CX923, CX924, XC9235, XC9245, XC9255, and XC9265 Multi-Function Printers 7 February 2018 383-4-434 V1.0 Government of Canada. This document
More informationWhat is Usability? What is the Current State? Role and Activities of NIST in Usability Reactions from Stakeholders What s Next?
What is Usability? What is the Current State? Role and Activities of NIST in Usability Reactions from Stakeholders What s Next? Usability is "the extent to which a product can be used by specified users
More informationAccessibility Evaluation of Pearson REVEL Platform VPAT Document
Accessibility Evaluation of Pearson REVEL Platform VPAT Document Presented to: Pearson July 23, 2015 Document Version 1.0 Prepared By: Tech For All, Inc. www.tfaconsulting.com August 13, 2015 Document
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT WorkCentre 7525/7530/7535/7545/7556 with FIPS 140-2 Compliance over SNMPv3 25 July 2016 v1.0 383-4-371 Government of Canada. This document is the property of the Government
More informationSecure Messaging Stage 3 Meaningful Use
2015 Certification Criterion: Secure Messaging Meaningful Use Stage 3 Objective: Objective 6: Coordination of Care through Patient Engagement Measure 2: If you are attesting to Medicare or Dually Eligible
More informationIATF - International Automotive Task Force Rules for achieving and maintaining IATF Recognition IATF Rules 5 th Edition Sanctioned Interpretations
Rules for achieving and maintaining IATF Recognition IATF Rules 5 th Edition Sanctioned Interpretations The Rules for achieving and maintaining IATF Recognition 5 th Edition for IATF 16949 ( Rules 5 th
More informationSummary of Changes in ISO 9001:2008
s in ISO 9001:2008 Clause 0.1 Introduction General Added the phrase its organizational environment, changes in that environment, or risks associated with that environment, to the first paragraph Created
More informationPIV Data Model Test Guidelines
This publication is available free of charge from http://csrc.nist.gov/publications/ Draft NIST Special Publication 800-85B-4 PIV Data Model Test Guidelines Ramaswamy Chandramouli Hildegard Ferraiolo Ketan
More informationCriterion C: Project schedule
Criterion C: Project schedule Date Action Details Comments and follow up Date completed Criterion Feb Teacher introduced project My ideas were approved by my ITGS teacher after discussing them through
More informationCommon Criteria Certificate
National Information Assurance Partnership Common Criteria Certificate is awarded to Xerox Corporation for ColorQube 8700/8900 Xerox ConnectKey Controller The IT product identified in this certificate
More informationThe Impact of 21 CFR Part 11 on Product Development
The Impact of 21 CFR Part 11 on Product Development Product development has become an increasingly critical factor in highly-regulated life sciences industries. Biotechnology, medical device, and pharmaceutical
More informationStandard CIP 004 3a Cyber Security Personnel and Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-3a 3. Purpose: Standard CIP-004-3 requires that personnel having authorized cyber or authorized unescorted physical access
More informationSend and Receive Exchange Use Case Test Methods
Send and Receive Exchange Use Case Test Methods Release 1 Version 1.0 October 1, 2017 Send and Receive Exchange Test Methods Release 1 Version 1.0 Technology Sponsor [Name] [Email] [Telephone] Signature
More informationCertification Report
Certification Report EAL 4+ Evaluation of Firewall Enterprise v8.2.0 and Firewall Enterprise Control Center v5.2.0 Issued by: Communications Security Establishment Canada Certification Body Canadian Common
More informationCertification for Meaningful Use Experiences and Observations from the Field June 2011
Certification for Meaningful Use Experiences and Observations from the Field June 2011 Principles for Certification to Support Meaningful Use Certification should promote EHR adoption by giving providers
More informationInternet Engineering Task Force (IETF) Obsoletes: 6485 Category: Standards Track August 2016 ISSN:
Internet Engineering Task Force (IETF) G. Huston Request for Comments: 7935 G. Michaelson, Ed. Obsoletes: 6485 APNIC Category: Standards Track August 2016 ISSN: 2070-1721 Abstract The Profile for Algorithms
More informationInternet Engineering Task Force (IETF) Request for Comments: 5754 Updates: 3370 January 2010 Category: Standards Track ISSN:
Internet Engineering Task Force (IETF) S. Turner Request for Comments: 5754 IECA Updates: 3370 January 2010 Category: Standards Track ISSN: 2070-1721 Abstract Using SHA2 Algorithms with Cryptographic Message
More informationCertification Commission for Healthcare Information Technology. CCHIT A Catalyst for EHR Adoption
Certification Commission for Healthcare Information Technology CCHIT A Catalyst for EHR Adoption Alisa Ray, Executive Director, CCHIT Sarah Corley, MD, Chief Medical Officer, NextGen Healthcare Systems;
More informationFederal Communication Commission (FCC) Office of Engineering and Technology (OET) Program Accreditation Procedure
PJLA offers third-party accreditation services to Conformity Assessment Bodies (i.e. Testing and/or Calibration Laboratories, Reference Material Producers, Field Sampling and Measurement Organizations
More informationCIP Cyber Security Personnel & Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-6 3. Purpose: To minimize the risk against compromise that could lead to misoperation or instability in the Bulk Electric
More informationSmart Grid Standards and Certification
Smart Grid Standards and Certification June 27, 2012 Annabelle Lee Technical Executive Cyber Security alee@epri.com Current Environment 2 Current Grid Environment Legacy SCADA systems Limited cyber security
More informationQuality Assurance Program Addendum for IEC Specific Product Testing
Quality Assurance Program Addendum for IEC 61850 Specific Product Testing July 15, 2008 Version 1.3 Prepared for the UCA International Users Group - 1-07/15/2008 PREPARED BY: UCA International Users Group
More informationRequest for Qualifications for Audit Services March 25, 2015
Request for Qualifications for Audit Services March 25, 2015 I. GENERAL INFORMATION A. Purpose This Request for Qualifications (RFQ) is to solicit a CPA firm with which to contract for a financial and
More informationISACA Cincinnati Chapter March Meeting
ISACA Cincinnati Chapter March Meeting Recent and Proposed Changes to SOC Reports Impacting Service and User Organizations. March 3, 2015 Presenters: Sayontan Basu-Mallick Lori Johnson Agenda SOCR Overview
More informationApril 25, Dear Secretary Sebelius,
April 25, 2014 Department of Health and Human Services Office of the National Coordinator for Health Information Technology Attention: 2015 Edition EHR Standards and Certification Criteria Proposed Rule
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT CA Technologies CA API Gateway v9.2 10 October 2017 383-4-417 V 1.0 Government of Canada. This document is the property of the Government of Canada. It shall not be
More informationGovernment Product Accessibility Template (GPAT) Section 508 Compliance and Certification Services for PDF files
Summary Government Product Accessibility Template (GPAT) Section 58 Compliance and Certification Services for PDF files Appligent Document Solutions Column one includes all the Sections of the Standard
More informationONC HIT Certification Program
ONC HIT Certification Program Part 1: Product and Developer Information 1.1 Certified Product Information Product Name: Clicktate Product Version: 5.0 Domain: Ambulatory Test Type: Complete 1.2 Developer/Vendor
More informationHIT Policy Committee. Recommendations by the Certification and Adoption Workgroup. Paul Egerman Marc Probst, Intermountain Healthcare.
HIT Policy Committee Recommendations by the Certification and Adoption Workgroup Paul Egerman Marc Probst, Intermountain Healthcare July 16, 2009 Agenda The Workgroup The Workgroup s Charge Workgroup Process
More informationONC HIT Certification Program
ONC HIT Certification Program Test Results Summary for 2014 Edition EHR Certification Part 1: Product and Developer Information 1.1 Certified Product Information Product Name: DataMotion Direct Product
More informationHealth Care ADVISORY. Certification Programs for Health Information Technology Are Here. Temporary Certification Program.
Health Care ADVISORY March 12, 2010 Certification Programs for Health Information Technology Are Here On March 10, 2010, the Office of the National Coordinator (ONC) published its Proposed Rule establishing
More informationSecurity Requirements for Crypto Devices
Security Requirements for Crypto Devices Version 1.0 02 May 2018 Controller of Certifying Authorities Ministry of Electronics and Information Technology 1 Document Control Document Name Security Requirements
More informationSDA COMPLIANCE SOFTWARE For Agilent ICP-MS MassHunter Software
SDA COMPLIANCE SOFTWARE For Agilent ICP-MS MassHunter Software Part 11 in Title 21 of the US Code of Federal Regulations (commonly referred to as 21 CFR Part 11) governs food and drugs in the US, and includes
More informationCERTIFICATE SCHEME THE MATERIAL HEALTH CERTIFICATE PROGRAM. Version 1.1. April 2015
CERTIFICATE SCHEME For THE MATERIAL HEALTH CERTIFICATE PROGRAM Version 1.1 April 2015 Copyright Cradle to Cradle Products Innovation Institute, 2015 1 Purpose The intention of the Certificate Scheme is
More information21 CFR PART 11 COMPLIANCE
21 CFR PART 11 COMPLIANCE PRODUCT OVERVIEW ADD-ONS & INDIVIDUAL SOLUTIONS PLA SUPPORT CONTRACT TRAINING CONSULTING 21 CFR PART 11 COMPLIANCE PLA 3.0 Software For Biostatistical Analysis PLA 3.0 21 CFR
More informationTest Results Summary for 2014 Edition EHR Certification R 0033 PRA V1.0, June 26, (f)(5) Amb. only. (d)(3)
2.2 Gap Certification The following identifies criterion or criteria certified via gap certification 170.314 (a)(1) (a)(19) (d)(6) (h)(1) (a)(6) (a)(20) (d)(8) (h)(2) (a)(7) (b)(5)* (d)(9) (h)(3) (a)(17)
More informationTest Results Summary for 2014 Edition EHR Certification R-0041-PRA V1.0, September 11, (f)(5) Amb. only. (d)(3)
2.2 Gap Certification The following identifies criterion or criteria certified via gap certification 170.314 (a)(1) (a)(19) (d)(6) (h)(1) (a)(6) (a)(20) (d)(8) (h)(2) (a)(7) (b)(5)* (d)(9) (h)(3) (a)(17)
More informationONC Health IT Certification Program
ONC Health IT Certification Program Certification Requirements Update March 17, 2016 ICSA Labs Health IT Program Agenda Introduction Mandatory Product Disclosures and Transparency Requirements Certified
More informationCertification Report
Certification Report McAfee File and Removable Media Protection 4.3.1 and epolicy Orchestrator 5.1.2 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation
More information